CVE-2020-10732
moderate-risk
Published 2020-06-12
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
Do I need to act?
-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.3/10
Low
LOCAL
/ LOW complexity
Affected Products (20)
Aff A700 Firmware
References (28)
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10732
Issue Tracking
https://github.com/google/kmsan/issues/76
Third Party Advisory
https://lore.kernel.org/lkml/CAG_fn=VZZ7yUxtOGzuTLkr7wmfXWtKK9BHHYawj=rt9XWnCYvg...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210129-0005/
Third Party Advisory
https://twitter.com/grsecurity/status/1252558055629299712
Third Party Advisory
https://usn.ubuntu.com/4411-1/
Third Party Advisory
https://usn.ubuntu.com/4427-1/
Third Party Advisory
https://usn.ubuntu.com/4439-1/
Third Party Advisory
https://usn.ubuntu.com/4440-1/
Third Party Advisory
https://usn.ubuntu.com/4485-1/
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10732
Issue Tracking
https://github.com/google/kmsan/issues/76
and 8 more references
34
/ 100
moderate-risk
Severity
13/34 · Low
Exploitability
0/34 · Minimal
Exposure
21/34 · High